Description
The "userModify" feature of Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) leading to privilege escalation. If an administrator goes to a malicious URL while being authenticated to the Silverpeas application, the CSRF with execute making the attacker an administrator user in the application.
Remediation
References
http://silverpeas.com
https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47322